(54) Apparatus for data copyright management system



(57) A data copyright management apparatus is used with a user terminal and comprises a CPU, a CPU bus, ROM, EEPROM, and RAM.

The CPU, ROM, EEPROM, and RAM are connected to the CPU bus, and a system bus of a device which utilizes the data can be connected to the CPU bus. A data copyright management system program, crypt algorithm, and user information are stored in the ROM, and a second private-key, a permit key, a second secret-key, and copyright information are stored in the EEPROM. A first public-key, a first private-key, a second public-key, and a first secret-key are transmitted to the RAM during the operation. The data copyright management apparatus may be configured in the form of a monolithic or hybrid IC, a thin IC card, PC card, and insertion board which have a unique terminal. If a copyright management program is supplied from outside, it is stored in the EEPROM; otherwise it is stored in the ROM.

In addition to a microprocessor of the user terminal which decrypts encrypted data for displaying and processing and re-encrypts the decrypted data for storing, copying, or transferring, at least one microprocessor, desirably two microprocessors, are added for decrypting and re-encrypting data which is encrypted and supplied. The microprocessors to be added may be connected to a system bus of the microprocessor of the user terminal, but it is desirable that a multiprocessor configuration is implemented by using a SCSI bus, PCI bus, or SCI bus. Apparatus for decryption and re-encryption may be configured separately or as a unit. A device which is used to input and output encrypted data may be connected directly to the apparatus for decryption and re-encryption. The data copyright management apparatus may be implemented in the form of a monolithic IC, a hybrid IC, or a built-in subboard, and the apparatus in these forms is incorporated in a computer, television set, set-top box, digital video tape recorder, digital video disk recorder, digital audio tape apparatus, or personal digital assistants, and the like.



Fig. 3 
Description

Field of the Invention 

The present invention relates to an apparatus used for displaying, storing, copying, editing or [...] data in using data, and intends to protect digital data copyrights.

Background of the Invention 

In the information-oriented society of today, a database system has been spread in which various data values having independently been stored in each computer so [...] mutually used by connecting computers by communication lines.

The information having been handled by the database system is classical type coded information which [...] of information or monochrome binary data [...] data at most. Therefore, the database system has not been able to handle data with an [...] of information such as a natural picture and a motion picture.

However, while the digital processing technique for various electric signals develops, development of the digital processing art for a picture signal other than binary data having been handled only as an analog signal [...]

By digitizing the above picture signal, a picture signal such as a television signal can be handled by a computer. Therefore, a "multimedia system" for handling various data handled by a computer and picture data obtained by digitizing a picture signal at the same time is noticed as a future technique.

Because picture data includes an overwhelmingly large amount of information compared to character data and audio data, it is difficult to directly store or transmit the picture data or apply various processes to the picture [...]

Therefore, it has been considered to compress or expand the picture data, and several standards for compressing or expanding picture data have been prepared. Among those standards, the following [...] been prepared so far as common standards: JPEG (Joint Photographic image coding Experts Group) standard for a still picture, H.261 standard for a video conference, [...] to the present telecast and future high-definition telecast.

Real-time processing of digital picture data has been realized by these techniques.
Because hitherto widely-spread analog data is deteriorated in quality whenever storing, copying, editing, or transmitting it, copyrights produced due to the above operation have not been a large problem. However, because digital data is not deteriorated in quality after repeatedly storing, copying, editing, or transmitting it, the control of copyrights produced due to the above operation is a large problem.

Because there is not hitherto any exact method for [...] picture-recorder is only [...]

[...] data to another person via on-line [...] is handled. In a multimedia system, [...] and picture data which are originally analog data are digitized and formed into a database in addition to the data such as characters which have been formed into a database.

Under the above situation, how to deal with a copyright of data formed into a database is a large problem. However, there has not been adequate copyright management means for solving the problem so far, particularly copyright management means completed for secondary utilization of the data such as copying, editing, [...]

[...] with advertisement" or [...] copyrighted and its use may be restricted by the copyright [...] depending on the way of use.
The inventor of the present invention et al. proposed [...] copyright through Japanese Patent Laid-open [...] Furthermore, they proposed a [...]

[...] center for viewing by using communication device via a [...] permit key to the requester, performs charging and collects [...] After receiving the permit key, the [...] programs using the permit key.

Moreover, the system disclosed in Japanese Patent Application No. [...] copyright information for managing the copyright in [...] process to sound), storage, copying, editing, or transmitting of the digital data in a database system including real-time transmission of a digital picture can be managed. The program for managing the copyright watches and manages to prevent users from using other than the conditions of user's request or permission.

The Japanese Patent Application No. 64889/1994 further discloses that data is supplied encrypted from a database, decrypted by the copyright management program when displayed or edited, and encrypted again when it is stored, copied or transmitted. It also discloses that the copyright management program itself is encrypted and is decrypted by a permit key; that the copyright management program thus decrypted performs encryption and decryption of copyright data; and that, when data is utilized other than for storage and displaying, copyright information including information of the person who has utilized the data is stored as history in addition to the original copyright information.

Before the present invention is described, a general description of cryptography is given.

Cryptography includes a secret-key cryptosystem and a public-key cryptosystem.

The secret-key cryptosystem is a cryptosystem using the same crypt key for encryption and decryption. While this cryptosystem requires only a short time for encryption or decryption, if the secret-key is found, the cryptogram may be cryptanalyzed.

The public-key cryptosystem is a cryptosystem in which a key for encryption is open to the public as a public-key and a key for decryption is not open to the public. The key for encryption is referred to as a public-key and the key for decryption is referred to as a private-key. To use this cryptosystem, it is necessary that a party for transmitting information encrypts the information with a public-key of a party for receiving the information and the party for receiving the information decrypts the information with a private-key not open to the public. While this cryptosystem requires a relatively long time for encryption or decryption, the private-key can hardly be found and it is very difficult to cryptanalyze the cryptogram.

In the cryptography, a case of encrypting a plaintext M with a crypt key K to obtain a cryptogram C is expressed as

C = E(K, M)

and a case of decrypting the cryptogram C with the crypt key K to obtain the plaintext M is expressed as

M = D(K, C).

The cryptosystem used for the present invention uses a secret-key cryptosystem in which the same secret-key Ks is used for encryption and decryption, and a public-key cryptosystem in which a public-key Kb is used for encryption of a plaintext and a private-key Kv is used for decryption of a cryptogram.

Figure 1 shows a structure of the data copyright management system disclosed in the prior Japanese Patent Application No. 237673/1994 in which the apparatus for data copyright management system of the present invention is used.

In this system, encrypted data is two-way supplied in accordance with a request from the primary user 4.

This system uses the secret-key cryptosystem and the public-key cryptosystem as a cryptosystem.

It is a matter of course that this system can be applied when using a satellite broadcast, ground wave broadcast, CATV broadcast or a recording medium other than a database as data supply means provided with advertisement requiring no charge or encryption.

In this system, reference numeral 1 represents a database, 4 represents a primary user terminal, 5 represents a secondary user terminal, 6 represents a tertiary user terminal, and 7 represents an n-order user terminal.

And 3 represents a copyright management center, 8, 9, and 10 represent secondary copyright data, tertiary copyright data, and n-order copyright data stored at the copyright management center 3, and 2 represents a communication network such as a public telephone line offered by a communication enterprise or a CATV line offered by a cable television enterprise.

On the above arrangement, the database 1, primary user terminal 4, secondary user terminal 5, tertiary user terminal 6, n-order user terminal 7, and copyright management center 3 are connected to the communication network 2 and also they can be connected to each other.

In this figure, a path shown by a broken line represents a path for encrypted data, a path shown by a solid line represents a path of requests from each user terminal, a path shown by a one-dot chain line represents a path through which authorization information corresponding to a utilization request in each data and a crypt key are transferred, and a path shown by a two-dot chain line represents a path through which copyright information is transferred from the database or from the data to a next-order data within copyright management center.

Each user who uses this system is previously entered in a database system and, at this time, database utilization software is provided to him. The database utilization software includes a program for decrypting an encrypted copyright management program in addition to normal communication software such as data communicating protocol.

To use the database 1, a primary user prepares primary-user authentication data Au1, a first public-key Kb1, a first private-key Kv1 corresponding to the first public-key Kb1, a second public-key Kb2, and a second private-key Kv2 corresponding to the second public-key Kb2, and accesses the database 1 from the primary user terminal 4 via the communication network 2.

The database 1 receiving the primary-user authentication data Au1, first public-key Kb1 and second public-key Kb2 from the primary user confirms the primary-user authentication data Au1 and transfers the confirmed primary-user authentication data Au1 to the secondary copyright management center 3 as the primary user information Iu1.
The database 1 prepares two secret-keys, that is, first secret-key Ks1 and second secret-key Ks2.

In the prepared first secret-key Ks1 and second secret-key Ks2, the second secret-key Ks2 is also previously transferred to the copyright management center 3.

As the result of the above transfer, a permit key corresponding to primary utilization, the primary user information Iu1, original copyright information Ic0 and the [...] data.

When the data menu is transferred, the primary user retrieves in the data menu to select the data M. In this case, the original copyright information Ic0 of the selected data M is transmitted to the copyright management center 3. The primary user selects permit key Kp1 [...] viewing, storing, copying, [...] data. Permit key Kp1 is also transmitted to the copyright [...]

Because viewing and storing of data are the minimum required forms of use for the primary user, these forms of use may be excluded from the choices as the minimum usage, and offering only copying, editing, and [...]

[...] out of the database 1 in accordance with a request of the primary user. The read original data M0 is encrypted by the first secret-key Ks1:

Cm0ks1 = E(Ks1, M0).

The encrypted data Cm0ks1 is provided with the uncrypted original copyright information [...]

The first secret-key Ks1 is encrypted by the first public-key Kb1 and the second secret-key Ks2 is encrypted by the second public-key Kb2:

Cks1kb1 = E(Kb1, Ks1)

Cks2kb2 = E(Kb2, Ks2).

While the copyright management program P is also encrypted by the second secret-key Ks2

Cpks2 = E(Ks2, P),

the copyright management program P must not always be encrypted by the second secret-key Ks2 but it may be [...]

[...] transferred to the primary user terminal 4 via the communication network 2, and charged, if necessary.

It is possible to store the encrypted copyright management [...] in user [...]

[...] Cpks2 from the database 1 decrypts the encrypted [...] by the database utilization software [...] first public-key Kb1:

Ks1 = D(Kv1, Cks1kb1),

[...] second public-key Kb2:

Ks2 = D(Kv2, Cks2kb2).

And the primary user decrypts the encrypted copyright management program Cpks2 using the decrypted second secret-key Ks2:

P = D(Ks2, Cpks2).

Finally, the primary user decrypts the encrypted data Cm0ks1 by the decrypted copyright management program P using the decrypted first secret-key Ks1:

M0 = D(Ks1, Cm0ks1)

and uses the decrypted original data M0 directly or data M1.

As described above, the first private-key Kv1 and second private-key Kv2 are crypt keys [...] and decrypted by the second secret-key Ks2.

Cmks2 = E(Ks2, M)

M = D(Ks2, Cmks2).

The decrypted second secret-key Ks2 is hereafter [...] Ic1 for [...] the primary user are [...] and time when edited the data by [...] stored in the primary user terminal 4.

Moreover, it is further protected by attaching the copyright information Ic1 to the data as copyright information label, and adding the digital signature.

The encrypted data Cmks2 is encrypted to be distributed. Since the copyright information label provides a clue to obtain the second secret-key Ks2 which is the key for decryption, the second secret-key Ks2 cannot be obtained in the case where the copyright information label is removed from the encrypted data Cmks2.

When the encrypted data Cmks2 is stored in the primary user terminal 4, the second secret-key Ks2 is stored in the terminal 4. However, when the encrypted data Cmks2 is not stored in the primary user terminal 4 but is copied to the recording medium 11 or transmitted to the secondary user terminal 5 via the communication network 2, the second secret-key Ks2 is disused in order to disable subsequent utilization of the data in the primary user terminal 4.

In this case, it is possible to set a limitation for repetitions of copying or transmitting of the data so that the second secret-key Ks2 is not disused within limited repetitions of copying and transmitting of the data.

The primary user who is going to copy the data M to the external recording medium 11 or transmit the data M via the communication network 2 must prepare the second secret-key Ks2 to encrypt the data M by this second secret-key Ks2 before copying or transmitting the data:

Cmks2 = E(Ks2, M).

The uncrypted original copyright information Ic0 and primary-user copyright information Ic1 are added to the encrypted data Cmks2.

Before using a database, a secondary user, similar to the primary user, prepares authentication data Au2 for authenticating the secondary user, a third public-key Kb3 and a third private-key Kv3 corresponding to the third public-key Kb3, a fourth public-key Kb4, and a fourth private-key Kv4 corresponding to the fourth public-key Kb4.

The secondary user who desires secondary utilization of the copied or transmitted encrypted data Cmks2 must designate original data name or number to the copyright management center 3 to request secondary utilization from the center 3 from the secondary user terminal 5 via the communication network 2. At this time, the secondary user also transfers the third public-key Kb3 and the fourth public-key Kb4 as well as the secondary user authentication data Au2, original copyright information Ic0 and primary user copyright information Ic1.

The copyright management center 3 receiving the secondary utilization request from the secondary user confirms the secondary-user authentication data Au2, and transfers confirmed secondary-user authentication data Au2 to the tertiary copyright data 9 as secondary user information.

When the secondary copyright information Ic1 of the primary user is transferred, the secondary copyright information Ic1 is inquired to the secondary copyright data 8, and then, it recognizes the secondary copyright information Ic1 to be transferred to the tertiary copyright data 9.

The secondary user selects permit key Kp2 corresponding to the form of data usage such as viewing, storing, copying, editing and transmitting of data. Permit key Kp2 corresponding to the selected usage is sent to the tertiary copyright data 9.

Because viewing and storing of data are the minimum required forms of use for the secondary user, these forms of use may be excluded from the choices as the minimum usage, offering only copying, editing and transmitting as the choices.

The secondary copyright data 8 prepares a third secret-key Ks3.

The prepared third secret-key Ks3 is transferred to and stored in the tertiary copyright data 9.

As the result of the above transfer, the permit key Kp2, primary user copyright information Ic1, primary user information Iu1, original copyright information Ic0, secondary user information Iu2, and third secret-key Ks3 are stored in the tertiary copyright data 9. The permit key Kp2, primary user copyright information Ic1, and primary user information Iu1 are used for copyright royalties distribution.

Hereafter similarly, permit key Kpn corresponding to n-order usage, copyright information for secondary exploitation right Icn-1 of (n-1)-order user, primary user information Iu1, original copyright information Ic0, n-order user information Iun, and n-th secret-key Ksn are stored in n-order copyright data 10.

The permit key Kp2, primary user information Iu1, original copyright information Ic0 and second secret-key Ks2 are read out of the secondary copyright data 8. The original copyright information Ic0 is used for copyright royalties distribution.

The read second secret-key Ks2 and third secret-key Ks3 are encrypted by the third public-key Kb3 and fourth public-key Kb4 of the secondary user respectively:

Cks2kb3 = E(Kb3, Ks2)

Cks3kb4 = E(Kb4, Ks3).

The copyright management program P is encrypted by the third secret-key Ks3:

Cpks3 = E(Ks3, P).

The encrypted copyright management program Cpks3, encrypted second secret-key Cks2kb3, and encrypted third secret-key Cks3kb4 are transferred to the secondary user terminal 5 via the communication network 2. In this case, charging is performed, if necessary.

The secondary user receiving two encrypted secret-keys Cks2kb3 and Cks3kb4 and the encrypted copyright management program Cpks3 from the secondary copyright data 8 decrypts the encrypted second secret-key Cks2kb3 by the third private-key Kv3, and decrypts the encrypted third secret-key Cks3kb4 by the fourth private-key Kv4 corresponding to the fourth public-key Kb4, using the database utilization software:

Ks2 = D(Kv3, Cks2kb3)

Ks3 = D(Kv4, Cks3kb4).

The encrypted copyright management program Cpks3 is decrypted by the decrypted third secret-key Ks3:

P = D(Ks3, Cpks3).

Then, the encrypted data Cmks2 is decrypted to use it by the decrypted second secret-key Ks2 using decrypted copyright management program P:

M = D(Ks2, Cmks2).
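
The key hand-off described above (database 1 to the primary user, re-encryption under Ks2 for the copy, then the copyright management center to the secondary user), traced end to end as an added Python example that is not code from the patent. The patent names no algorithms, so the secret-key function `sym`, the textbook RSA in `keypair`/`wrap`/`unwrap`, the fixed Mersenne primes and the sample data are all assumptions: insecure stand-ins chosen to run with the standard library only.

```python
import hashlib
import secrets

# Constructed sample inputs (not from the patent).
M0 = b"constructed sample work: 1994 newsreel, frame 0001"
P = b"constructed stand-in for copyright management program P"

# Fixed Mersenne primes keep the example deterministic; moduli built from
# them are trivially factorable, so this is a stand-in, not usable RSA.
M61, M89, M107, M127 = (2**k - 1 for k in (61, 89, 107, 127))


def sym(key: bytes, data: bytes) -> bytes:
    """Stand-in for E(Ks, M) and D(Ks, C): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA key pair from two primes: returns (public Kb, private Kv)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))


def wrap(kb, ks: bytes) -> int:
    """Cks_kb = E(Kb, Ks): encrypt a 16-byte secret-key under a public-key."""
    n, e = kb
    return pow(int.from_bytes(ks, "big"), e, n)


def unwrap(kv, c: int) -> bytes:
    """Ks = D(Kv, Cks_kb); reduced to 128 bits so a wrong Kv yields garbage."""
    n, d = kv
    return (pow(c, d, n) % (1 << 128)).to_bytes(16, "big")


def database_supply(kb1, kb2):
    """Database 1: Cm0ks1, Cpks2, Cks1kb1, Cks2kb2 for the primary user."""
    ks1, ks2 = secrets.token_bytes(16), secrets.token_bytes(16)
    bundle = {"Cm0ks1": sym(ks1, M0), "Cpks2": sym(ks2, P),
              "Cks1kb1": wrap(kb1, ks1), "Cks2kb2": wrap(kb2, ks2)}
    return bundle, ks2  # Ks2 is also transferred to copyright management center 3


def primary_user(bundle, kv1, kv2):
    """Unwrap Ks1 and Ks2, recover P and M0, then re-encrypt under Ks2."""
    ks1 = unwrap(kv1, bundle["Cks1kb1"])
    ks2 = unwrap(kv2, bundle["Cks2kb2"])
    prog = sym(ks2, bundle["Cpks2"])      # P  = D(Ks2, Cpks2)
    m0 = sym(ks1, bundle["Cm0ks1"])       # M0 = D(Ks1, Cm0ks1)
    cmks2 = sym(ks2, m0)                  # Cmks2 = E(Ks2, M) before copy/transmit
    return prog, m0, cmks2


def center_grant(ks2: bytes, kb3, kb4):
    """Center: Cks2kb3, Cks3kb4 and Cpks3 for the secondary user."""
    ks3 = secrets.token_bytes(16)
    return {"Cks2kb3": wrap(kb3, ks2), "Cks3kb4": wrap(kb4, ks3),
            "Cpks3": sym(ks3, P)}


def secondary_user(grant, cmks2: bytes, kv3, kv4):
    """Unwrap Ks2 and Ks3, recover P, then decrypt the received copy Cmks2."""
    ks2 = unwrap(kv3, grant["Cks2kb3"])
    ks3 = unwrap(kv4, grant["Cks3kb4"])
    return sym(ks3, grant["Cpks3"]), sym(ks2, cmks2)


def run_demo():
    kb1, kv1 = keypair(M89, M107)
    kb2, kv2 = keypair(M89, M127)
    kb3, kv3 = keypair(M107, M127)
    kb4, kv4 = keypair(M61, M127)
    _, kv_other = keypair(M61, M107)      # a third party's own private-key

    bundle, ks2_at_center = database_supply(kb1, kb2)
    prog1, m0, cmks2 = primary_user(bundle, kv1, kv2)
    grant = center_grant(ks2_at_center, kb3, kb4)
    prog2, m = secondary_user(grant, cmks2, kv3, kv4)
    # Third party holds Cmks2 and the wrapped key but not Kv3.
    guess = sym(unwrap(kv_other, grant["Cks2kb3"]), cmks2)
    return {"primary_m0": m0, "primary_prog": prog1, "stored_copy": cmks2,
            "db_ciphertext": bundle["Cm0ks1"], "secondary_m": m,
            "secondary_prog": prog2, "third_party": guess}


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value[:24])
```

The data itself only ever travels under a secret-key (Ks1 from the database, Ks2 for the copy), while the public-key pairs carry nothing but those secret-keys, which is why the center can admit a secondary user by re-wrapping Ks2 without touching Cmks2.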



As described above, the third private-key Kv3 and the fourth private-key Kv4 are prepared by the secondary user but not opened to others. Therefore, even if a third party obtains the encrypted data Cmks2, it is impossible to use the data by decrypting it.

Each user who uses the above-mentioned system must previously be entered in a database system and, when entered in the system, software for database is supplied to the user.

Because the software includes not only normal communication software such as a data communication protocol but also a program for decrypting a copyright management program by a first crypt-key, it is necessary to be [...]

A first crypt-key K1, a second crypt-key K2, and a copyright management program P are transferred to each user in order to use data M, and each user keeps these keys and the program.

Further, the copyright information label, user information, the public-key and private-key in the public-key cryptosystem and the program containing algorithm for generating the secret-key are kept when needed.

For keeping them, it is the simplest means to use a flexible disk. However, data on a flexible disk is easily lost or altered.

Moreover, data on a hard disk drive can also be lost or altered, though it is more stable than the flexible disk.

Recently, an IC card is spread in which an IC element [...] standardization of a PC card with a microprocessor sealed in it is progressed as a PCMCIA card or JEIDA card.

The data copyright management apparatus proposed by the inventor of the present [...] the prior Japanese Patent Application No. 237673/1994 is described in Figure 2.

The data copyright management unit 15 is configured as a computer system, comprising a microprocessor (CPU) 16, a local bus 17 of CPU 16, read only memory (ROM) 18 connected to local bus 17, and write/read memory (RAM) 19, wherein the local bus 17 being connected to system bus 22 of the microprocessor 21 of the user terminal 20.

Moreover, a communication unit (COMM) 23 which receives data from an external database and transfers data to the external database, a CD-ROM drive (CDRD) 24 which reads data [...] drive (FDD) 25 which copies received or edited data to a flexible disk drive to provide outside with such [...], and a hard disc drive (HDD) 26 which stores data are connected to the system bus 22 in the user terminal 20.

As a matter of course, ROM and RAM or the like are connected to the system bus 22 of the user terminal, however, it is not shown in the figure.

Fixed information, such as software and user data for utilizing the database, is stored in ROM 18 of the data copyright management unit 15.

A crypt-key and the copyright management program provided from the key control center or copyright management center are stored in RAM 19.

The process of decryption and re-encryption are performed by the data copyright management unit 15, [...] of which results are transferred to the user terminal 20 via the local bus 17 and the system bus 21 of the user terminal.

The data copyright management unit 15 is implemented as monolithic IC, hybrid IC, an expansion board, an IC card, or a PC card.

Summary of the Invention 



In the present application, apparatus for data copyright management system, resulted from further implementation of the apparatus used in the user terminal proposed in the prior Japanese patent application No. [...] present invention is attached to the user terminal, which comprises central processing unit, central processing unit bus, read only semiconductor memory, electrically erasable programmable memory, and read/write memory.

Central processing unit, read only semiconductor memory, electrically erasable programmable memory, and read/write memory are connected to the central processing unit bus, and also system bus of a unit which utilizes the data can be connected to it. Data copyright management system program, a crypt algorithm and user information are stored in the read only semiconductor memory, and a second private-key, permit key, second secret-key, and copyright information are stored in the electrically erasable programmable memory, where first public-key, first private-key, second public-key, and first secret-key being transferred to the read/write memory at the operation of the unit. If the copyright management program is provided from the outside, it is stored in the EEPROM. Otherwise, it is stored in ROM.
As a form of the data copyright management apparatus, monolithic IC, hybrid IC, a thin IC card with special terminal, a PC card, and a board for insertion can be available.

In the data copyright management system described above as prior invention, while the obtained encrypted data is decrypted for utilization of displaying/editing, the obtained or edited data is re-encrypted to store/copy/transfer so that no unauthorized use of the data can be available.

Accordingly, in the apparatus used in the data copyright management system of the present invention, re-encryption of data, as well as decryption of data should be performed concurrently; however, those data copyright management apparatus described in the prior applications can perform only one process of either data decryption or data re-encryption.

Thus, in the present application, a data copyright management apparatus which, at the same time, can decrypt and re-encrypt data encrypted and supplied in order to manage copyright is proposed.

For the purpose of that, data which was encrypted and provided is decrypted and re-encrypted by adding at least one microprocessor, preferably 2 microprocessors, in addition to the microprocessor that controls the entire user terminal therein. When one microprocessor is added, one of the 2 microprocessors, one included in the user terminal or one added, will decrypt data and the other will re-encrypt data.

When 2 microprocessors are added, one of the added microprocessors will decrypt data, the other microprocessor will re-encrypt data, and the microprocessor of the user terminal will control the entire operation.

Although the added microprocessors may be connected to system bus of the microprocessor in the user terminal, this configuration may not allow a multiprocessor configuration to operate plural microprocessors concurrently.

Therefore, in the present application, a data copyright management apparatus as a multiprocessor configuration utilizing SCSI bus or PCI bus is proposed.

Other than character data, digital data includes graphic data, computer program, digital audio data, still picture data of JPEG standard, and motion-picture data of MPEG standard.

While the data works comprising these data are utilized by using various apparatus, it is necessary that these apparatus should also include the data copyright management function.

Thus, in the present application, it is proposed that, as a form of use, these data copyright management apparatus and the data copyright management apparatus described in the prior application are incorporated in various systems.

Brief Description of the Drawings

Figure 1 is a block diagram of the data copyright management system of the prior invention.

Figure 2 is a block diagram of the data copyright management apparatus of the prior invention.

Figure 3 is a block diagram of the data copyright management apparatus of embodiment 1 of the present invention.

Figure 4 is a specific block diagram of the data copyright management apparatus of the embodiment 1 of the present invention.

Figure 5 is a process flow chart of data copyright management system related to the present invention.

Figure 6 is a block diagram of the data copyright management system of the prior invention.

Figure 7 is a flow chart of a general edit process of digital data.

Figure 8 is a flow chart of encrypted data edit process of the present invention.

Figure 9 is a block diagram of the data copyright management apparatus of embodiment 2 of the present invention.

Figure 10 is a block diagram of the data copyright management apparatus of embodiment 3 of the present invention.

Figure 11 is a block diagram of the data copyright management apparatus of embodiment 4 of the present invention.

Figure 12 is a block diagram of the data copyright management apparatus of embodiment 5 of the present invention.

Figure 13 is a block diagram of the data copyright management apparatus of embodiment 6 of the present invention.

Figure 14 is a block diagram of the digital cash system as one example of use of the present invention.

Figure 15 is a block diagram of the video conference system as one example of use of the present invention.

Detailed Description of the Preferred Embodiments 

The detailed embodiments of the present invention 
are described below with reference to the drawings. 

The embodiment 1 of the data copyright management apparatus related to the present invention is shown in a block diagram of Figure 3.

The data copyright management unit 30 includes electrically erasable programmable memory (EEPROM) 31 in addition to the components of the data copyright management unit 15 described in the prior application No. 237673/1994.

The data copyright management unit 30 is a computer system having CPU 16, local bus 17 of CPU 16, ROM 18 connected to local bus 17, RAM 19, and EEPROM 31, wherein local bus 17 being connected to the system bus 22 of the microprocessor 21 in the user terminal 20.

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Moreover communication unit (COMM) 23 which 
receives data from external database and 

provided by CD-ROM, a flexible disc drive (FDD) 25 

are connected to the system bus 22 of the user terminal 
20. Further ROM and RAM are connected to the system 
bus 22 of the user terminal, however, it is not shown in 

information such as a data copyright management 
program, a cryptography program based on crypt 
EEPROM. Further, when data copyright manage- 

bus 17 and system bus 22. 

The data copyright management unit 30 is in 
Further a program for generating secret-keys based 
on secret-key algorithm of not 
gram, and a re-encryption program may be stored 
EEPROM. Moreover, when the copyright manage 

from the outside such as database, they 
EEPROM 31 rather than ROM 18. 
copyright management center, and the data 
management system program are stored in RAM of the 

process of decryption and re-encryption are 
ment unit 30 are transferred to the user terminal. 



The specific internal structure of the data copyright 
management unit 30 in Figure 3 is shown in Figure 4. 

A microcomputer (CPU) 16, read only semiconductor 
memory (ROM) 18, write/read memory (RAM) 19, 
and electrically erasable programmable memory (EEPROM) 
31 are enclosed in the data copyright management 
unit 30 and are connected to microcomputer bus 
17 of the microcomputer 16, the microcomputer bus 17 

data copyright management system program, 
crypt algorithm, and the user information are stored in 
area 37. copyright 
the original copyright information and the secondary 
in the case of the electrically erasable program- 
mable memory 31. inside of the write/read memory 19 

private-key Kv1, and the second public-key Kb2 

an access control key is stored 
terminal attached with the data copyright 

Figure 5 shows an example of the data copyright 
management flow when the encrypted data is a digital 
picture compressed in the JPEG standard or MPEG 
standard. The flow is divided into a transmitting side flow 
and a receiving side flow with a transmission line in 
between, and the receiving side flow is further divided 
into a display flow and a storage flow. 

The signal process in the transmitting side consists 
of a process of preparing the digital picture and a process 
of processing the prepared digital picture. In this process, 
if an original picture is the digital picture 41, it proceeds 
to the next process. If an original image is an analog 
picture 40, the digitizing process 42 is performed. 

The digital picture is first compressed 43 by a given 
standard such as the JPEG standard or MPEG standard, 
then the compressed digital data is encrypted 44 using 
the first secret-key. 

The picture data signal processed in transmitting 
side is transmitted through transmission line 45 such as 
satellite broadcasting wave, terrestrial broadcasting 
wave, CATV wave, or public telephone line/ISDN line. 

Further, recording media such as a digital video 
tape, a digital video disk, or CD-ROM may be used as 
the transmission line. 

Thus the picture data transmitted to the receiving 
side is decrypted 46 first using the first secret key, then 
the compressed picture data is expanded 47 to be dis- 
played 49. When the display is a digital data display unit, 
it is directly displayed, however, when it is an analog data 
display unit, it is converted to analog data 48. 

When data is stored in hard disk, flexible disk, optical 
magnetic disk, writable video disk or the like, it is stored 
after being re-encrypted 50 using the second secret key. 

In displaying again the picture data re-encrypted and 
stored, it is re-decrypted 52 using the second secret key 
and displayed 49. If the display unit is a digital data dis- 
play unit, it is directly displayed, however, if it is an analog 
data display unit, it is converted to analog data 48. 

Moreover, for data compression/expansion means 
and transmission path, appropriate ones compatible with 
the data are used. 

Figure 6 shows an example of the data copyright 
management system disclosed in the prior Japanese 
Patent Application No. 237673/1994. This system uses 
the secret-key system as a cryptosystem. 

In the case of this system, reference numeral 1 
represents a database in which text data, binary data 
serving as a computer graphic display or a computer 
program, digital audio data, and digital picture data are 
stored by being encrypted, 14 represents a space 
satellite such as a communications satellite or a 
broadcasting satellite, 15 represents a data recorder 
such as a CD-ROM or a flexible disk, 2 represents a 
communication network such as a public telephone line 
offered by a communication enterprise or a CATV line 
offered by a cable television enterprise, 4 represents a 
primary user terminal, 16 represents a key control center 
for managing a secret-key, and 17 represents a copyright 
management center for managing a data copyright. 

Reference numerals 5, 6, and 7 represent a secondary 
user terminal, a tertiary user terminal, and n-order 
user terminal respectively, and 11, 12, and 13 represent 
a secondary disk, tertiary disk, and n-order disk serving 
as a recording medium such as a flexible disk or CD-ROM 
respectively. The symbol "n" represents an optional 
integer. When "n" is larger than 4, a corresponding user 
terminal and a corresponding disk are arranged between 
the tertiary user terminal 6 and the n-order user terminal 
7 and between the tertiary disk 12 and the n-order disk 
13 respectively. 

On the above arrangement, the database 1, key 
control center 16, copyright management center 17, 
primary user terminal 4, secondary user terminal 5, 
tertiary user terminal 6, and n-order user terminal 7 are 
connected to the communication network 2. 

In this figure, the path shown by a broken line is a 
path of encrypted data, a path shown by a solid line is a 
path of requests from each user terminal, and a path 
shown by a one-dot chain line is a path through which 
authorization information corresponding to a utilization 
request and a secret-key are transferred. 

Moreover, each user who uses this system is previ- 
ously entered in the database system. When the user is 
entered in the system, a database utilization software is 
given to the user. The database utilization software 
includes not only normal communication software such 
as a data communication protocol but also a program for 
running a copyright management program. 

Original data M0 of text data, binary data as a 
computer graphic display or computer program, digital 
audio data, or digital picture data stored in the database 1 
or data recording medium 15 is one-way supplied to the 
primary user terminal 4 via the communication network 2, 
satellite 14 or recording medium 15. 

In this case, the data is encrypted with a first 
secret-key Ks1: 

Cm0ks1 = E(Ks1, M0). 

Even data that is provided with advertisement and 
offered free of charge needs to be encrypted in 
order to protect the copyright. 

It is disclosed in the Japanese Patent Application 
No. 64889/1994 which is the prior application that the 
data utilization includes not only displaying of data which 
is the most basic usage but also storing, editing, copying, 
and transmitting of the data, a use permit key is prepared 
which corresponds to one or several forms of usage, and 
its management is executed by the copyright manage- 
ment program. 

Moreover, it is described there that data is encrypted 
again by the copyright management program for use 
such as storing, copying, editing and transmitting of the 
data other than displaying of the data and displaying for 
editing the data. 

In other words, the data whose copyright is claimed 
is encrypted to be distributed, and only when the data is 
displayed or displayed for editing the data in a user 
terminal having a copyright treatment function, the data is 
decrypted to a plaintext. 

This system disclosed in Japanese Patent Application 
No. 237673/1994 uses the method described in the 
prior application No. 64889/1994. 
A primary user who desires primary 

from the primary user terminal 4 trans- 
agement program P via the communication network 2 to 

secret-key Ks1 using the copyright management 
program P 



M0 = D(Ks1, Cm0ks1) 

to use the decrypted original data M0 directly or data M1 

the data M which is the original data M0 or 
edited data M1 is stored in a memory or a built-in hard 

to the external recording medium 11 such as a 
or transmitted to the secondary user terminal 5 via 
the communication network 2, a problem of a copyright 
secondary utilization occurs. 
original data M0 obtained by the primary 

the copyright of the primary user is not effected 

However, when the primary user produces new data 

Similarly, when a secondary user produces new 
the original data M0 or edited data 

from the primary user or by 
combination of other data, the copyright of the secondary 

user, i.e., secondary exploitation right on the secondary 

to correspond to the problem of the 
copyright, the data M is encrypted by the second secret- 
Iu1 and then, transfers the second secret-key Ks2 serving 
as a decryption key and the third secret-key Ks3 serving 
as an encryption/decryption key to the secondary 
user terminal 5 via the communication network 2. 

In the secondary user terminal 5 receiving the second 
secret-key Ks2 and the third secret-key Ks3, the 
encrypted data Cmks2 is decrypted using the second 
secret-key Ks2 by the copyright management program P 

M = D(Ks2, Cmks2) 

and is secondarily utilized such as being displayed or 
edited. 

In this system, the key control center 16 processes 
primary utilization requests and the copyright management 
center 17 processes secondary utilization 
requests. While the data M supplied to a primary user is 
encrypted by the first secret-key Ks1, the data M supplied 
to a secondary user is encrypted by the second 
secret-key Ks2. Moreover, the first secret-key Ks1 and 
the second secret-key Ks2 are transferred to the primary 
user as crypt keys from the key control center 16. 

Therefore, if the secondary user, instead of the primary 
user, falsely requests for primary utilization to the 
key control center 16, the first secret-key Ks1 for decryption 
and the second secret-key Ks2 for encryption/decryption 
are transferred to the secondary user. 
However, the secondary user cannot decrypt the 
encrypted data Cmks2 by using the first secret-key Ks1 
transferred as a decryption key. 

Therefore, it is impossible to falsely request for data 
utilization and resultingly, not only the original copyright 
of data but also the copyright of the primary user on the 
data are protected. 

When storing, copying, or transmitting of the data M 
other than displaying and displaying for editing is performed 
in the secondary user terminal 5, the data M is 
encrypted using the third secret-key Ks3 by the copyright 
management program P and thereafter, the data is 
decrypted and encrypted by the third secret-key Ks3: 

Cmks3 = E(Ks3, M) 

M = D(Ks3, Cmks3). 


Moreover, it is free in principle that the secondary 
user displays and edits data to obtain the edited data M2. 
In this case, it is possible to limit the repetitions of the 
operation by the copyright management program P. 

When the data M is copied to the external recording 
medium 12 or transmitted via the communication network 2, 
the second secret-key Ks2 and the third secret-key 
Ks3 in the secondary user terminal 5 are disused by 
the copyright management program P. Therefore, when 
reusing the data M, the secondary user requests for the 
utilization of the data to the copyright management 
center 17 to again obtain the third secret-key Ks3. 

The fact that the secondary user receives a regrant 
of the third secret-key Ks3 represents secondary utilization 
of data in which the data M has been copied to the 
external recording medium 12 or transmitted to the tertiary 
user terminal 6 via the communication network 2. 
Therefore, the fact is entered in the copyright management 
center 17 and allows subsequent data use. 

The data M is moved from the secondary user ter- 
minal 5 to the tertiary user terminal 6 by the external 
recording medium 12 or by the communication network 
2. When the data M is copied to the external recording 
medium 12 or transmitted via the communication net- 
work 2, it is encrypted by the third secret-key Ks3. 

When the data M is copied to the external recording 
medium 12 or transmitted to the tertiary user terminal 6 
via the communication network 2, the second secret-key 
Ks2 and the third secret-key Ks3 in the secondary user 
terminal 5 are disused. In this case, the uncrypted sec- 
ondary user information Iu2 is added to the encrypted 
data Cmks3 stored in the secondary user terminal 5, and 
when the encrypted data Cmks3 is transmitted to a ter- 
tiary user, the secondary user information Iu2 is also 
transferred. 

In adding each user information to data, there are 
two cases: a case in which every information is added to 
data whenever it is copied or transmitted; and another in 
which the history updated whenever the data is copied 
or transmitted is stored in the copyright management 
center. 

A tertiary user who desires tertiary utilization of the 
encrypted data Cmks3 copied or transmitted from the 
secondary user must designate original data name or 
number to the copyright management center 17 from a 
tertiary user terminal 6 via the communication network 
2 and also presents the tertiary user information Iu3 to 
request for tertiary utilization of the data. At this time, the 
tertiary user further presents the uncrypted secondary 
user information Iu2 added to the encrypted data Cmks3 
in order to clarify the relationship with the secondary 
user. 

The copyright management center 17 confirms that 
the secondary user has received a regrant of the third 
secret-key Ks3 for preparation of tertiary-utilizing the 
data, in accordance with the presented secondary user 
information Iu2 and then, transfers the third secret-key 
Ks3 serving as a decryption key and the fourth secret-key 
Ks4 serving as an encryption/decryption key to the 
tertiary user terminal 6 via the communication network 2. 

In the tertiary user terminal 6 receiving the third 
secret-key Ks3 and the fourth secret-key Ks4, the 
encrypted data Cmks3 is decrypted using the third 
secret-key Ks3 by the copyright management program P 

M = D(Ks3, Cmks3) 

and is tertiarily utilized such as being displayed or edited. 

In this system, the data M supplied to the primary 
user is encrypted by the first secret-key Ks1 and the data 
M supplied to the secondary user is encrypted by the 
second secret-key Ks2, and the data M supplied to the 
tertiary user is encrypted by the third secret-key Ks3. 

Therefore, if the tertiary user, instead of the primary 
user, falsely requests for primary utilization to the key 
control center 16, the first secret-key Ks1 for decryption 

and the sec 
to the tertiary user. However, it is impos- 

sible to decrypt the encrypted data Cmks3 by the first 

key respectively. However, it is impossible to decrypt the 
encrypted data Cmks3 by the second secret-key Ks2 
transferred as a decryption key. 

Therefore, it is impossible to falsely request for data 
utilization. As a result, not only the original copyright of 
the data but also the copyrights of the primary and 
secondary users on the data are protected. 

The same procedure is applied to quaternary and 
subsequent utilization. 
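
The key chain described above (Ks1 for the primary user, Ks2 for the secondary, Ks3 for the tertiary, with a regrant entered at the center before the next user is served), as an added Python example that is not part of the patent. E and D are a toy HMAC-SHA256 stand-in for the unspecified crypt algorithm, `Center`, `grant`, `regrant`, `can_decrypt` and `run_chain` are hypothetical names, and the key control center and copyright management center are combined into one object as an assumption.

```python
import hashlib
import hmac
import secrets


def _stream(key, nonce, n):
    """Keystream: HMAC-SHA256 in counter mode (toy stand-in for the crypt algorithm)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def E(key, m):
    """C = E(Ks, M). A MAC tag is appended so that D detects a wrong key."""
    nonce = secrets.token_bytes(16)
    body = bytes(a ^ b for a, b in zip(m, _stream(key, nonce, len(m))))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def D(key, c):
    """M = D(Ks, C). Raises ValueError if the key does not match the ciphertext."""
    if len(c) < 48:
        raise ValueError("ciphertext too short")
    nonce, body, tag = c[:16], c[16:-32], c[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("key does not match ciphertext")
    return bytes(a ^ b for a, b in zip(body, _stream(key, nonce, len(body))))


class Center:
    """Key control center 16 and copyright management center 17 in one object (assumption)."""

    def __init__(self):
        self._keys = {}        # n -> Ks_n; one key chain per work is an assumption
        self.regrants = set()  # (user information, order) entered on each regrant

    def key(self, n):
        return self._keys.setdefault(n, secrets.token_bytes(32))

    def grant(self, order, prior_user_info=None):
        """n-order utilization: return (Ks_n for decryption, Ks_n+1 for re-encryption)."""
        if order > 1 and (prior_user_info, order - 1) not in self.regrants:
            raise PermissionError("previous user has no recorded regrant")
        return self.key(order), self.key(order + 1)

    def regrant(self, user_info, order):
        """An n-order user copied or transmitted the data: enter it, re-issue Ks_n+1."""
        self.regrants.add((user_info, order))
        return self.key(order + 1)


def can_decrypt(key, c):
    try:
        D(key, c)
        return True
    except ValueError:
        return False


def run_chain():
    center = Center()
    m0 = b"constructed sample work M0"            # constructed sample data
    cm0ks1 = E(center.key(1), m0)                 # database supplies Cm0ks1

    # Primary user: decrypt with Ks1, re-encrypt with Ks2 before storing or copying.
    ks1, ks2 = center.grant(1)
    cmks2 = E(ks2, D(ks1, cm0ks1))
    refused = False
    try:                                          # no regrant entered for Iu1 yet
        center.grant(2, prior_user_info="Iu1")
    except PermissionError:
        refused = True
    center.regrant("Iu1", 1)                      # copy made, regrant entered
    package = ("Iu1", cmks2)                      # unencrypted Iu1 travels with Cmks2

    # Secondary user: presents Iu1, receives Ks2 (decrypt) and Ks3 (re-encrypt).
    ks2_s, ks3 = center.grant(2, prior_user_info=package[0])
    m_secondary = D(ks2_s, package[1])
    cmks3 = E(ks3, m_secondary)
    center.regrant("Iu2", 2)

    # Tertiary user: presents Iu2, receives Ks3 (decrypt) and Ks4 (re-encrypt).
    ks3_t, _ks4 = center.grant(3, prior_user_info="Iu2")
    m_tertiary = D(ks3_t, cmks3)

    # False request: a holder of Cmks3 asks for primary utilization and gets Ks1, Ks2.
    fake_ks1, fake_ks2 = center.grant(1)
    return {
        "secondary": m_secondary,
        "tertiary": m_tertiary,
        "refused_without_regrant": refused,
        "false_request_opens_cmks3": can_decrypt(fake_ks1, cmks3) or can_decrypt(fake_ks2, cmks3),
        "stored_differs_from_received": cmks2 != cm0ks1,
    }
```
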

In the above described system, the database 1, key 
control center 16, and copyright management center 17 

set all of or proper two of them integrally. 
Moreover, it is also possible to request for a 

the key control center 16 but to the copyright manage 

In Figures 7(a) and 7(b), signal process flow in data 
edit method of digital video or digital audio is shown. An 
edit flow generally processed is shown in 7(a) and an 
edit flow 7(b) which can avoid deterioration of signals. 
In the edit flow shown in 7(a), signals supplied as 
digital signals 61 are converted to analog signals 62, the 
analog signals are then edited while being displayed 

65 to be stored, copied, and transferred 66. 

Though this process may be simple, it can not avoid 
deterioration of signals since signal is edited in analog 
and resized after completion of editing 

In the edit flow shown in 7(b), digital signals 61 are 
converted to analog signals 62 to be displayed. While the 

analog signals 62 are used in editing 63, the analog signals 
are used only for displaying 64 rather than for stor 

copied and transferred 66 in the form of digital signals 
61 correspond to signals displayed in analog 

In the case of this edit flow, there is no 
of signals since digital signals which are stored, copied, 
and transferred are never converted to 

Figures 8(a) and 8(b) illustrate flow samples when 
editing encrypted data to which signal process in data 
edit method of digital video or digital audio 
Figure is applied. 8(a) shows a simplified signal process 
8(b) shows a signal processing flow which 
allows sufficient copyright management. 



In the signal processing flow shown in (a), the original 
data 71 Cm0ks1, encrypted 
Ks1 and supplied is initially decrypted 72 using the first 
secret key Ks1: 

M0 = D(Ks1, Cm0ks1), 

and the decrypted data M0 is then edited 73 while being 
displayed 74. The data M1 completed editing is 
re-encrypted 75 using the second secret key Ks2: 

Cm1ks2 = E(Ks2, M1) 

and stored, copied, and transferred 76. 

On the other hand, in the signal processing flow 

first secret-key Ks1: 

M0 = D(Ks1, Cm0ks1) 

the decrypted data M0 is displayed 74. 

While the encrypted data Cm0ks1 is edited 73 lead 
by the decrypted data M0, and the original data M0 for 

second secret-key: 

Cm0ks2 = E(Ks2, M0) 

Cm1ks2 = E(Ks2, M1) 

the encrypted data Cm0ks2 or Cm1ks2 is stored, copied, 

decrypted 

data copyright management system 
However, the data copyright 

ment apparatus to re-encrypt the stored data afterwards. 
Thus, there is a possibility that decrypted or edited data 
might be lost due to accident or misoperation as well as 
posing limitation in volume to the data that can be 
processed. 

With the exception of some high-class MPU, general 
MPU used in personal computers does not take into 
account the multiprocessor configuration which allows 
concurrent operation of plural microcomputers. Therefore, 
plural operations can not be performed at the same 
time, although accessory units are connected to the 
system bus of the personal computer. 

Accordingly, connecting the data copyright management 
unit 15 shown in Figure 2 or the data copyright 
management unit 30 shown in Figure 3 to the system bus 22 
of the user terminal 20 never provides a multiprocessor 
function that enables concurrent operation of MPU 21 or 
46 and CPU 16, and the processes of decryption of 
encrypted data and re-encryption of decrypted data are 
performed alternately, not concurrently. Thus, a large 
amount of data can not be processed since the data to 
be encrypted and decrypted is limited by the capacity of 
RAM. Further, it is impossible to increase the processing 
speed, even if the amount of data is not large. 

On the other hand, in the data copyright management 
system described as the prior application, 
encrypted data obtained is decrypted to use for displaying 
or editing, and when the obtained or edited data is 
stored, copied, or transferred, it is re-encrypted in order 
to prevent unauthorized utilization of the data. Therefore, 
it is desirable that the apparatus in the data copyright 
management system of the present invention performs 
not only decryption but also re-encryption of data at the 
same time. 

Recently, a PCI (Peripheral Component Interconnect) 
bus has attracted attention as means for implementing 
a multiprocessor configuration of typical 
personal computer. 

The PCI bus is a bus for external connection which is 
connected to a system bus of a personal computer via a PCI 
bridge, and allows a multiprocessor configuration to be 
implemented. 

Figure 9 shows embodiment 2 of this invention, 
which is a configuration of data copyright management 
apparatus using a PCI bus and the same configuration 
of data copyright management unit 15 as shown in 
Figure 3, that is, a computer configuration having a CPU 16, 
a local bus 17 for the CPU 16, and ROM 18, RAM 19, 
and EEPROM 31 connected to the local bus 17. 

In a user terminal 20, a PCI bus 81 is connected to 
a system bus 22 for a microprocessor 21 via a PCI bridge 
82 and the local bus 17 for the CPU 16 of a data copyright 
management apparatus 80 is connected to the PCI bus 
81. Also connected to the system bus 22 of the user 
terminal 20 are a communications device (COMM) 23 
which receives data from external databases and transfers 
data to the external of the terminal, a CD-ROM drive 
(CDRD) 24 which reads data supplied on CD-ROM, a 
flexible disk drive (FDD) 25 which copies received or 
edited data to supply to the external of terminal, and hard 
disk drive (HDD) 26 used for storing data. COMM 23, 
CDRD 24, FDD 25, and HDD 26 may also be connected 
to the PCI bus 81. 

While ROM, RAM etc., of course, are connected to 
the system bus 22 of the user terminal, these are not 
shown in Figure 9. 

Configurations and operations of other parts are the 
same as embodiment 1 shown in Figure 3, and further 
explanation of them will be omitted. 

A decryption task is performed by the MPU 21 of the 
user terminal 20 and an encryption task is performed by 
the CPU 16 of the data copyright management apparatus 
80 at the same time, and vice versa. Since the 
configuration of the MPU 21 and CPU 16 in this embodiment 
is a multiprocessor configuration which performs parallel 
processing with a PCI bus, high processing speed can 
be achieved. 

Other typical means for attaching external devices 
to a personal computer include SCSI (Small Computer 
System Interface), which is used for the connection of 
external storage medium such as hard disk drives and 
CD-ROM drives. 

Up to eight devices, including the personal computer 
itself to which SCSI is attached, can be connected to 
SCSI, and a plurality of computers may be included in 
the eight devices. Each of these computers can play an 
equivalent role, in other words, SCSI functions not only as 
an interface but also a multiprocessor bus. 

Taking advantage of this function of SCSI, embodi- 
ment 3 connects a data copyright management appara- 
tus 85 to the system bus 22 of a user terminal 20 via 
SCSI 86 (hereinafter called the "SCSI bus", for clear 
understanding) instead of the PCI bus 81 in embodiment 
2. 

Figure 10 shows a configuration block diagram of a 
data copyright management apparatus of embodiment 3 
which uses an SCSI bus according to the present 
invention. 

In embodiment 3, the configuration of the data copyright 
management apparatus 85 is the same as the data 
copyright management apparatus shown in Figure 3, 
that is, the apparatus has a CPU 16, a local bus 17 for 
the CPU 16, and ROM 18, RAM 19, and EEPROM 31 
connected to the local bus 17. 

On the other hand, an SCSI bus 86, which is controlled 
by an SCSI controller (SCSICONT) 87, is connected 
to a system bus 22 for a microprocessor 21 of a 
user terminal 20, and the local bus 17 for the CPU 16 of 
a data copyright management apparatus 85 is connected 
to this SCSI bus 86. 

Also connected to the system bus 22 of the user 
terminal 20 are a communications device (COMM) 23 
which receives data from external databases and transfers 
data to the external of the terminal, a CD-ROM drive 
(CDRD) 24 which reads data supplied on CD-ROM, a 
flexible disk drive (FDD) 25 which copies received or 
edited data to supply to the external of terminal, and hard 
disk drive (HDD) 26 used for storing data. COMM 23, 
CDRD 24, FDD 25, and HDD 26 may also be connected 
to the SCSI bus 86. 

While ROM, RAM etc., of course, are connected to 
the system bus 22 of the user terminal, these are not 
shown in Figure 10. 

Configurations and operations of other parts are the 
same as embodiment 1 shown in Figure 3, and 

user terminal 20 and a 

the CPU 16 of the data copyright management 

processing with an SCSI bus 86, high processing 

Other 
configuration, such as SCI (Scalable Coherent Inter- 

MPEG-based moving picture. 
The above-mentioned 
of the data 
embodiment 2 and the data 

encryption and re-encryption can 

considerably difficult to perform because the data 

To deal with this problem, a multiprocessor system 
is configured by connecting a first data copyright 
management apparatus 80 and a second data copyright 
management apparatus 90 to a PCI bus 81 in embodiment 

agement apparatus 90 is the same as that of the 
data copyright 

ond data copyright management apparatus 
encrypts decrypted data. 



center or copyright management center are stored 

CD-ROM drive (CDRD) 24 are connected to the system 

in order to 
processing speed 
data copyright management 

rithm and user data, are stored in the ROM 

Copyright information is stored in the EEPROM 

encrypted data 

While the above-mentioned data copyright management 
apparatus 80 and 90 of embodiment 4 are 
described as being configured separately, these 
apparatus, of course, can be configured as a unit. 

Figure 13 shows a data copyright management 
apparatus of embodiment 6 which is extended from the 
data copyright management apparatus 97 of embodi- 
ment 5. 

In the prior application shown in Figure 2 and the 
embodiment 1 described with reference to Figure 3, the 
storage medium, such as HDD 26, for storing 
re-encrypted data are connected to the system bus 22 of 
the user terminal 20. In order to store re-encrypted data, 
therefore, the encrypted data must be transmitted by way 
of the system bus 22 of the user terminal 20 and the local 
bus 17 of the data copyright management unit 15 or data 
copyright management unit 30, and consequently, 
processing speed can be slowed. This is true for a 
configuration in which those attached devices are connected 
to a PCI bus or SCSI bus. 

In the data copyright management apparatus 100 of 
the embodiment 6 shown in Figure 13, in addition to the 
communications device COMM 23 and the CD-ROM 
drive CDRD 24 connected to the local bus 17 in the data 
copyright management apparatus 97 for decryption in 
the embodiment 5 shown in Figure 12, storage devices 
such as HDD 26 for storing re-encrypted data are 
connected to the local bus 94 of the data copyright 
management apparatus 101 for re-encryption. 

The configuration of the data copyright management 
apparatus 101 for re-encryption in embodiment 6 is 
essentially the same as that of the data copyright 
management unit 30 shown in Figure 3, that is, the computer 
system has a CPU 91, a local bus 94 for the CPU 91, 
and ROM 92, RAM 93 and EEPROM 95 connected to 
the local bus 94, and HDD 26 is connected to the local 
bus 94. 

Fixed information, such as a copyright management 
program, cryptography program based on crypt 
algorithm, and user data, are stored in the ROM 92. 

Copyright information is stored in the EEPROM 95. 
If the copyright management program and cryptography 
program are supplied from the external such as data- 
bases, those programs are stored in the EEPROM 95 
rather than the ROM 92. 

A crypt-key for re-encryption and a data copyright 
management system program supplied from a key con- 
trol center or copyright management center are stored 
in the RAM 93. 

Data re-encrypted by the copyright management 
apparatus 101 for re-encryption is stored in HDD 26. 

While the above-mentioned data copyright management 
apparatus 100 and 101 of embodiment 6 are 
described as being configured separately, these 
apparatus, of course, can be configured as a unit. 

Digital data includes, in addition to text data, graphic 
data, computer programs, digital sound data, JPEG- 
based still picture data, and MPEG-based moving pic- 
ture data. 



A typical user terminal which utilizes copyrighted 
data is computer apparatus such as personal computers. 
Other apparatus which utilize such data are receivers 
such as television sets, set-top boxes used with those 
receivers, digital recording apparatus such as video tape 
recorders, digital video disk recorders, and digital audio 
tapes (DAT) which store digital data, and personal digital 
assistants (PDA). 

The data copyright management apparatus shown 
in Figure 2 which is configured as an expansion board, 
IC card, or PC card and described in the prior patent 
application No. 237673/1994 or the data copyright man- 
agement apparatus shown in Figure 6 may be used by 
attaching it to a user terminal which is a computer, 
receiver, set-top box, digital recording medium, or PDA. 
However, it is desirable that a data copyright manage- 
ment apparatus is factory-installed in the user terminal 
in order to eliminate labor and failure during the attach- 
ment of the apparatus. 

To accomplish this, in each embodiment of the 
present invention, a data copyright management apparatus 
is implemented in the form of a monolithic IC, hybrid 
IC, or built-in subboard and is incorporated in a user 
terminal such as computer apparatus such as personal 
computers, receivers such as television sets, set-top 
boxes used with those receivers, digital recording 
medium such as digital video tape recorders, digital 
video disk recorders, and digital audio tape (DAT) which 
store digital signals, or personal digital assistants (PDA). 

Further, the apparatus for managing data copyright 
described above can be applied not only to the data uti- 
lization but also to the handling of the digital cash and 
video conference systems. 

The digital cash system which has been proposed 
so far is based on a secret-key cryptosystem. The 
encrypted digital cash data is transferred from a bank 
account or a cash service of a credit company, and is 
stored in the IC card so that a terminal device for input/ 
output is used to make a payment. The digital cash sys- 
tem which uses this IC card as an electronic cash-box 
can be used at any place such as shops or the like as 
long as the input/ output terminal is installed. However, 
the system cannot be used at places such as homes or 
the like where no input/output terminal is installed. 

Since the digital cash is encrypted data, any 
device can be used as the electronic cash-box which 
stores digital cash data, in addition to the IC card, as long 
as the device can store encrypted data and transmit the 
data to the party to which the payment is made. As a 
terminal which can be specifically used as the electronic 
cash-box, there are personal computers, intelligent tele- 
vision sets, portable telephone sets such as personal 
information terminal, personal handyphone system 
(PHS), intelligent telephone sets, and PC cards or the 
like which has an input/ output function. 

Trades in which such terminals are used as an 
electronic cash-box for a digital cash can be actualized by 
replacing, in the constitution of the data copyright 
management system, the database with a customer's bank, 
a first user terminal with a customer, the second user 
terminal with a retailer, the copyright control center with 
a retailer's bank and a third user terminal with a 
wholesaler or a maker. 

An example of the trading system will be explained in which
the digital cash is transferred via a communication network
by using Figure 14.

The example uses the constitution of the data copyright
management system shown in Figure 1. In Figure 14, reference
numeral 111 represents a customer, 112 a bank of the customer
111, 113 a retail shop, 114 a bank of the retail shop 113,
115 a maker, 116 a bank of the maker 115, 2 a communication
network such as a public line provided by a communication
enterprise or CATV line provided by a cable television
enterprise. Customer 111, the customer's bank 112, the retail
shop 113, the retail shop's bank 114, the maker 115, the
maker's bank 116 can be mutually connected with the
communication network 2. In this system, the customer 111 can
use a credit company offering cashing service other than
banks, and an appropriate number of wholesalers can also be
interposed between the retail shop and the maker.

In addition, 117 and 118 are either IC cards or PC cards in
which digital cash data is stored. The cards are used when
the communication network is not used.

Incidentally, in Figure 14, what is represented by the broken
line is a path of encrypted digital cash data, what is
represented by the solid line is a path of requests from the
customer, the retail shop or the maker, and what is
represented by a one-dot chain line is a path of the
secret-key from each bank.

In this example, first secret-key prepared by the customer's
bank 112, the second secret-key prepared by the customer, the
third secret-key prepared by the retail shop, and the fourth
secret-key prepared by the maker are used as crypt keys.

Further, while the customer's bank 112, the retail shop's
bank 114, and the maker's bank 116 are explained as separate
entities, these can be considered as a financial system as a
whole.

Digital cash management program P for encrypting and
decrypting the digital cash data is previously distributed to
the customer 111 and is stored in the user terminal. Further,
it is possible to transfer the digital cash management
program P together with data every time
^^1h.bBnkl.«^Fu rt h W .tt»c^to 
install the common digital cash management program P

The customer 111 uses the user terminal to designate the
amount of money via the communication network 2 to request
drawing out from the account of the customer's bank 112 to
the bank. At this time, the terminal presents customer
information Ic of the customer 111.

The customer's bank 112 which receives the customer's request
of drawing out from the account selects or generates the
first secret-key Ks1, and the digital cash data M0 of the
amount is encrypted by the first secret-key Ks1:

Cm0ks1=E(Ks1, M0)

and the encrypted digital cash data Cm0ks1 and the first
secret-key Ks1 for a decrypting key are transferred to the
customer 111, and the customer information Ic and the first
secret-key Ks1 are stored.
In this case, the first secret-key Ks1 can be selected from
what is preliminarily prepared by the customer's bank 112,
and also may be generated by presentation of the customer
information Ic at the time of drawing by the customer using
the digital cash management program P on the basis of the
customer information Ic:

Ks1=P(Ic).



Through this means, the first secret-key Ks1 can be private
for the customer 111. At the same time it is not necessary to
transfer the first secret-key Ks1 to the customer 111 so that
the safety of the system can be heightened. Further, the
first secret-key Ks1 can be generated on the basis of the
bank information Ibs of the customer's bank.

The customer 111 to which the encrypted digital cash data
Cm0ks1 and the first secret-key Ks1 are transferred generates
second secret-key Ks2 according to any one or both of the
customer information Ic and the first secret-key Ks1 using
the digital cash management program P, for example:

Ks2=P(Ic)

and the generated second secret-key Ks2 is stored in the user
terminal.

The customer 111 uses the first secret-key Ks1 to decrypt the
encrypted digital cash data Cm0ks1 with the digital cash
management program P:

M0=D(Ks1, Cm0ks1)



management program P. 

Cm0ks2=E(Ks2, M0).

The first secret-key Ks1 is disused at this time.
TecSomeMI^^^ 
the retail shop 113 decrypts the encrypted digital cash data
Cm0ks2 which is stored in the user terminal as a cash-box by
the digital cash management program P using the second
secret-key Ks2:

M0=D(Ks2, Cm0ks2)



and the digital cash data M1 which corresponds to the
necessary amount of money is encrypted by the second
secret-key Ks2 using the digital cash management program P:

Cm1ks2=E(Ks2, M1)

and then, the payment is made by transmitting the encrypted
digital cash data Cm1ks2 to the user terminal as a cash-box
of retail shop 113 via the communication network 2.

At this time, the customer information Ic is also transmitted
to the user terminal of the retail shop 113.

Further, the residual amount digital cash data M2 is
encrypted by the second secret-key Ks2 using the digital cash
management program P:

Cm2ks2=E(Ks2, M2)

and stored in the user terminal of the customer 111.

The retail shop 113 to which the encrypted digital cash data
Cm1ks2 and the customer information Ic are transferred stores
the transferred encrypted digital cash data Cm1ks2 and
customer information Ic in the user terminal, and presents
the customer information Ic to the retail shop's bank 114 via
the communication network 2 for confirming the content to
request the transmission of the second secret-key Ks2 for
decryption.

The retail shop's bank 114 which is requested by the retail
shop 113 to transmit the second secret-key Ks2 transmits the
request of the transmission of the second secret-key Ks2 and
the customer information Ic to the customer's bank 112.

The customer's bank 112 which is requested to transmit the
second secret-key Ks2 from the retail shop's bank 114
generates the second secret-key Ks2 according to the customer
information Ic by the digital cash management program P in
the case where the second secret-key Ks2 is based only on the
customer information Ic, or generates the second secret-key
Ks2 according to the customer information Ic and the first
secret-key Ks1 by the digital cash management program P in
the case where the second secret-key Ks2 is based on the
customer information Ic and the first secret-key Ks1, and
transmits the generated second secret-key Ks2 to the retail
shop's bank 114.

The retail shop's bank 114 to which the second secret-key Ks2
is transmitted from the customer's bank 112 transmits the
second secret-key Ks2 to the retail shop 113 via the
communication network 2.

The retail shop 113 to which the second secret-key Ks2 is
transferred decrypts the encrypted digital cash data Cm1ks2
by the second secret-key Ks2 using the digital cash
management program P:

M1=D(Ks2, Cm1ks2)

and after confirming the amount of money, forwards the
article to the customer 111.

Incidentally, in this case, the retail shop 111 can directly
request the transfer of the second secret-key Ks2 from the
customer's bank 112 instead of from the retail shop's bank
114.

In the case where the digital cash received by the retail
shop 113 is deposited in the account of the retail shop's
bank 114, the customer information Ic is transferred to the
retail shop's bank 114 together with the encrypted digital
cash data Cm1ks2 via the communication network 2.

The retail shop's bank 114 to which the encrypted digital
cash data Cm1ks2 and the customer information Ic are
transferred requests the transfer of the second secret-key
Ks2 to the customer's bank 112 by transmitting the customer
information Ic.

The customer's bank 112, which is requested to transfer the
second secret-key Ks2 from the retail shop's bank 114,
generates the second secret-key Ks2 according to the
customer's information Ic by the digital cash management
program P when the second secret-key Ks2 is only based on the
customer's information Ic, or generates the second secret-key
Ks2 according to the customer's information Ic and the first
secret-key Ks1 by the digital cash management program P when
the second secret-key Ks2 is based on the customer's
information Ic and the first secret-key Ks1, then the
generated second secret-key Ks2 is transferred to the retail
shop's bank 114.

The retail shop's bank 114, to which the second secret-key
Ks2 is transferred from the customer's bank 112, decrypts the
encrypted digital cash data Cm1ks2 by the second secret-key
Ks2 using the digital cash management program P:

M1=D(Ks2, Cm1ks2) 

and the decrypted digital cash data M1 is deposited in 
the bank account of the retail shop's bank 114. 

In the general trade system, the retail shop 113 stocks
products from the maker 115 or from the wholesaler which
intervenes between the retail shop 113 and the maker 115.
Then the retail shop 113 sells the products to the customer
111. Consequently, a trading form is present between the
customer 111 and the retail shop 113 just as between the
retail shop 113 and the maker 115.

The handling of the digital cash between the retail shop 113
and the maker 115 is not basically different from the
handling of the digital cash which is carried out between the
customer 111 and the retail shop 113. Therefore, the
explanation there will be omitted for the sake of clarity.

In this digital cash system, the digital cash is handled
through banks. As information such as the processed amount of
the digital cash, date, and the secret-key demanding party
information with respect to the handling of the digital cash
is stored in the customer's bank, the residual amount of
digital cash and usage history can be grasped.

Even in the case where the user terminal which is an
electronic cash-box storing the digital cash data cannot be
used owing to the loss or the breakage, it is possible to
reissue the digital cash on the basis of the residual amount
and usage history kept in the customer's bank.

It is desirable to add a digital signature to the digital
cash data to heighten the safety of the digital cash.

In this example, digital cash is added by the customer's
information which may be accompanied by digital signature.
Therefore, the digital cash in the example can also have a
function of settlement system for cheques drawn by customers.

Also this system can be applicable to various systems in the
international trading such as payment settlement of
import/export by a negotiation by a draft using a letter of
credit and a bill of lading which have been executed by
documents.

In the video conference system, a television picture has been
added to the conventional voice telephone set. Recently the
video conference system is advanced in which a computer
system is incorporated in the video conference system so that
the quality of the picture is improved, and data can be
handled at the same time as well as the voice and the
picture.

Under these circumstances, security against the violation of
the user's privacy and the data leakage due to eavesdropping
by persons other than the participant of the conference are
protected by the cryptosystem using a secret-key.

However, since the conference content obtained by the
participants themselves are decrypted, in the case where
participants themselves store the content of the conference
and sometimes edit the content, and further, use for
secondary usage such as distribution to the persons other
than the participants of the conference, the privacy of other
participants of the video conference and data security
remains unprotected.

In particular, the compression technology of the transmission
data is advanced while the volume of the

possibility is getting more and more ««"JJ££ 
content of the video conference is copied to the data storage
medium or is transmitted via a network.

In view of the circumstances, the example is intended, when
video conference participants make secondary use, to secure
the privacy of other participants and data security by using
the aforementioned constitution of the data copyright
management system.

This video conference data management system can be
actualized, for example, by replacing the database in the
data copyright management system constitution shown in Figure
1 with a participant of the video conference, the first user
terminal with another participant of the video conference,
and the second user terminal with non-participant of the
video conference.

An example when utilizing will be explained by using 
Figure 15. 



Referring to Figure 15, reference numeral 121 represents a
participant as a host of the video conference, 122 a
participant of the video conference as a guest, 123 a
non-participant of the video conference as a user, 124 a
non-participant of the video conference as another user, 2 a
communication network such as a public telephone line
provided by the communication enterprise and a CA television
line provided by the cable television enterprise or the like.
The participant 121 of the video conference is connected to
the participant 122 of the video conference via the
communication network 2. Further, the participant 122 of the
video conference can be connected to the non-participant 123
of the video conference, and the non-participant 123 of the
video conference to the non-participant 124 of the video
conference via the communication network 2. Reference numeral
125 and 126 represent a data recording medium.

Referring to Figure 15, what is represented by the broken
line is a path of the encrypted video conference content,
represented by the solid line is a path requesting the crypt
key from the non-participants of the video conference 123 and
124 to the participant of the television conference, and
represented by the one-dot chain line is a path of crypt keys
from the participant of the

See 122 and the non-participants of the video con- 

f erence 123 and 124. 

In this example, a video conference data management system is
described here only the protection for data security and
privacy in case of the video conference
SJ^aTto the explanation, however rt . 
oSse possible to protect for data security and pn- 
vacy of the video conference partiaparn ™- 

A video conference data management program P for
encryption/decryption of the video conference data of the
participant 121 including audio and picture is previously
distributed to the video conference participant 122 and the
video conference non-participants 123 and 124, and is stored
in each terminal. This video conference data management
program P may be transferred whenever a crypt-key is
transferred.

In this example, further, a first secret-key prepared by the
video conference participant 121, a second secret-key
prepared by the video conference participant 122, a third
secret-key prepared by the video conference non-participant
123 and subsequent secret-keys prepared similarly are used as
a crypt key.

The video conference participant 121 and the video

«, ^transmitting audio, picture and data (referred to as 
50 ITwLle data on the ^e^o^ 
each terminal via communication network 2. Before the video
conference, the video conference participant 121 generates or
selects the first secret-key Ks1 to transfer to the video
conference participant 122 prior to the start of the video
conference.

The video conference participant 122 receiving the first
secret-key Ks1 generates the second secret-key Ks2 by the
first secret-key Ks1 using the video conference data
management program P:

Ks2=P(Ks1).

The generated second secret-key Ks2 is stored in the
terminal.

The video conference participant 121 encrypts the video
conference data M0 with the first secret-key Ks1, in the
video conference through the communication network 2:

Cm0ks1=E(Ks1, M0)

and transfers the encrypted video conference data Cm0ks1 to
the video conference participant 122.

The video conference participant 122 who receives the video
conference data Cm0ks1 encrypted by the first secret-key Ks1
decrypts the video conference data Cm0ks1 by the first
secret-key Ks1:

M0=D(Ks1, Cm0ks1)

and uses decrypted video conference data M0.

Further, the second secret-key Ks2 is generated based on the
first secret-key Ks1 with the video conference data
management program P:

Ks2=P(Ks1).

In the case where the decrypted video conference data M0 is
stored in the terminal of the participant 122 of the video
conference, copied to the data record medium 125, or
transferred to the non-participant of the video conference
via the communication network 2, the data M is encrypted by
the second secret-key Ks2 using the video conference data
management program P:

Cmks2=E(Ks2, M).

The encrypted data Cmks2 is copied to the record medium 125
or supplied to the non-participant of the video conference
via the communication network 2, together with the video
conference data name or the video conference data number.

The non-participant of the video conference 123 who obtains
the encrypted data Cmks2 requests to the participant 121 for
the secondary use of the video conference data M from the
terminal by specifying the name or number of the video
conference data.

The participant 121 of the video conference who receives the
request for the second use of the data M finds out the first
secret-key Ks1 according to the name or the number of the
video conference data to generate the second secret-key Ks2
based on the first secret-key Ks1:

Ks2=P(Ks1) 



and supplies the generated second secret-key Ks2 to the 
non-participant of the video conference 123. 

The non-participant of video conference 123 who 
receives the second secret-key Ks2 decrypts the 
encrypted data Cmks2 by the second secret-key Ks2 by 
using the television conference data management pro- 
gram P: 

M=D(Ks2, Cmks2) 

and then, uses decrypted video conference data M. 

In the case where the video conference data M is 
stored in the terminal of the non-participant of the video 
conference 123, copied to the record medium 126, or 
transmitted to the non-participant of the video confer- 
ence 124, the video conference data M is encrypted by 
the second secret-key Ks2 using the video conference 
data management program P: 

Cmks2=E(Ks2, M).

Incidentally, the third secret-key Ks3 may be gener- 
ated on the basis of the second secret-key Ks2 with the 
video conference data management program P: 

Ks3=P(Ks2), 

and the data M can be encrypted with the video confer- 
ence data management program P by this generated 
third secret-key Ks3: 

Cmks3=E(Ks3, M).
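
The key handling in the digital cash and video conference examples above, as an added Python illustration that is not part of the patent text. P is modelled as a SHA-256 hash of its inputs and E/D as a toy nonce-based stream cipher, both assumptions because the text does not specify the key generation or the crypt algorithm; the amounts, the customer information value and the function names are constructed.

```python
import hashlib
import os

def P(*inputs: bytes) -> bytes:
    """Assumed stand-in for key generation by program P: deterministic hash of its inputs."""
    h = hashlib.sha256()
    for part in inputs:
        h.update(len(part).to_bytes(4, "big") + part)  # length prefix keeps inputs unambiguous
    return h.digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def E(key: bytes, m: bytes) -> bytes:
    """Toy secret-key cipher (assumption; the crypt algorithm is not specified in the text)."""
    nonce = os.urandom(16)  # fresh nonce, so one key can protect M0, M1 and M2
    return nonce + bytes(a ^ b for a, b in zip(m, _keystream(key, nonce, len(m))))

def D(key: bytes, c: bytes) -> bytes:
    nonce, body = c[:16], c[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

def digital_cash(ks2_uses_ks1: bool) -> dict:
    Ic = b"customer-111"  # constructed customer information

    def derive_ks2(ic: bytes, ks1: bytes) -> bytes:
        # The text allows Ks2 from Ic alone, or from Ic and Ks1 together.
        return P(ic, ks1) if ks2_uses_ks1 else P(ic)

    # Customer's bank 112: select Ks1, encrypt M0, keep Ic and Ks1 on record.
    Ks1 = os.urandom(32)
    bank_record = {Ic: Ks1}
    Cm0ks1 = E(Ks1, b"10000")

    # Customer 111: derive Ks2, decrypt with Ks1, re-encrypt under Ks2 for storage.
    Ks2 = derive_ks2(Ic, Ks1)
    Cm0ks2 = E(Ks2, D(Ks1, Cm0ks1))

    # Payment: M0 is split into M1 (paid) and M2 (residual), both under Ks2.
    M0 = D(Ks2, Cm0ks2)
    M1 = b"3000"
    M2 = str(int(M0.decode()) - int(M1.decode())).encode()
    Cm1ks2, Cm2ks2 = E(Ks2, M1), E(Ks2, M2)

    # Retail shop 113 holds Cm1ks2 and Ic; bank 112 regenerates Ks2 from its record.
    released = derive_ks2(Ic, bank_record[Ic])
    return {
        "shop_reads": D(released, Cm1ks2),
        "residual": D(Ks2, Cm2ks2),
        # Can a party holding only P and Ic rebuild Ks2 without asking the bank?
        "ks2_from_ic_alone": P(Ic) == Ks2,
    }

def conference() -> dict:
    Ks1 = os.urandom(32)                # chosen by host 121 before the conference
    M = b"constructed conference data"
    Cm0ks1 = E(Ks1, M)                  # 121 -> 122 during the conference
    Ks2 = P(Ks1)                        # derived by participant 122
    Cmks2 = E(Ks2, D(Ks1, Cm0ks1))      # re-encrypted before storing, copying or transfer
    host_ks2 = P(Ks1)                   # 121 regenerates Ks2 when 123 requests it
    Ks3 = P(Ks2)                        # next key in the chain, derived by 123
    Cmks3 = E(Ks3, D(host_ks2, Cmks2))
    return {"read_by_123": D(host_ks2, Cmks2), "read_with_ks3": D(P(P(Ks1)), Cmks3)}
```

With Ks2=P(Ic), anything that holds program P and the customer information Ic, which travels with the payment, arrives at the same Ks2, so that variant rests on P staying inside the protected apparatus. Deriving Ks2 from Ic and Ks1 ties the key to a value kept only by the customer and the customer's bank.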

Claims 

1. A data copyright management apparatus used with
a user terminal for utilizing digital data, 

said digital copyright management apparatus 
comprising a central processing unit, a central 
processing unit bus, read-only semiconductor mem- 
ory, electrically erasable programmable memory, 
and read/write memory; 

wherein, 

said central processing unit, said read-only 
semiconductor memory, said electrically erasable 
programmable memory, and read/write memory are 
connected to said central processing unit bus, and 
a system bus of said user terminal is able to be con- 
nected to said central processing unit bus; 

a data copyright management system pro- 
gram, a copyright management program, and user 
information are stored in said read-only semicon- 
ductor memory; 

a second private-key, a permit key, a second
secret-key, a copyright management program, and
copyright information are stored in said electrically
erasable programmable memory; and

a first public-key, a first private-key, a second
public-key, and a first crypt-key are transmitted to
said read/write memory during operation.

2. A data copyright management apparatus used with
a user terminal for utilizing digital data,

said data copyright management apparatus
comprising a central processing unit, a central
processing unit bus, read-only semiconductor memory,
electrically erasable programmable memory,
and read/write memory,

wherein,

said central processing unit, said read-only
semiconductor memory, said electrically erasable
programmable memory, and said read/write memory
are connected to said central processing unit
bus, and a system bus of said user terminal is able
to be connected to said central processing unit bus,

a data copyright management system pro- 
gram, a copyright management program, crypt algo- 
rithm, and user information are stored in said read- 
only semiconductor memory; 

a second private-key, a permit key, a second
secret-key, and copyright information are stored in
said electrically erasable programmable memory,

a first public-key, a first private-key, a second
public-key, and a first crypt-key are transmitted to
said read/write memory during operation.

3. The data copyright management apparatus according
to Claim 1 or 2, which is configured in the form
of an IC.

4. The data copyright management apparatus according
to Claim 1 or 2, which is configured in the form
of an IC card.

5. The data copyright management apparatus according
to Claim 1 or 2, which is configured in the form
of a PC card.

6. The data copyright management apparatus according
to Claim 1 or 2, which is configured in the form
of an insertion board.



A data copyright management apparatus used in a
user terminal for decrypting encrypted data to display
or edit said data and for re-encrypting decrypted
data to store, copy, or transfer said data;

said data copyright management apparatus
comprising a first microprocessor and a second
microprocessor;

wherein, a first computer comprising a first
local bus connected to said first microprocessor, and
first read-only semiconductor memory and first
read/write memory connected to said first local bus;

and a second computer comprising a second
local bus connected to said second microprocessor
and second read-only semiconductor memory and
second read/write memory connected to said second
local bus are configured;

whereby, said first microprocessor decrypts
encrypted data, and

said second microprocessor re-encrypts
decrypted data.

A data copyright management apparatus used in a
user terminal for decrypting encrypted data to display
or edit said data and for re-encrypting decrypted
data to store, copy, or transfer said data;

wherein, a computer comprising a microproc- 
essor, a local bus connected to said microprocessor 
read-only semiconductor memory and read/write 
memory connected to said local bus is configured; 

whereby, one of the microprocessor of said 
user terminal and the microprocessor of said data 
copyright management apparatus performs decryp- 
tion and the other performs re-encryption.